What is the difference between system and object privileges?
System privileges
System privileges are privileges given to users to allow them to perform certain functions that deal with managing the database and the server . Most of the different types of permissions supported by the database vendors fall under the system privilege category. Let’s go through some examples of system privileges in Oracle and SQL Server.
Examples of Oracle system privileges
- CREATE USER. The CREATE USER permission, when granted to a database user, allows that database user to create new users in the database.
- CREATE TABLE. The CREATE TABLE permission, when granted to a database user, allows that database user to create tables in their own schema. This type of privilege is also available for other object types – like stored procedures and indexes.
- CREATE SESSION. The CREATE SESSION permission, when granted to a database user, allows that database user to connect to the database.
Object privileges
Object privileges are privileges given to users so that they can perform certain actions upon certain database objects – where database objects are things like tables, stored procedures, indexes, etc. Some examples of object privileges include granting a particular database user the right to DELETE and/or SELECT from a particular table. This is done using the GRANT clause, which you can read more about here: sql grant command.
System versus Object privileges
So, now hopefully it’s clear that the difference between system and object privileges is that system privileges are used for server and database privileges. But object privileges are used to grant privileges on database objects like tables, stored procedures, indexes, etc.
No comments:
Post a Comment